username and password authorization method
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
RPC4Django |
Won't Fix
|
Undecided
|
davidfischer |
Bug Description
Hello,
If use a authorization method, don't check user and return Anonymous user
For example:
proxy = xmlrpclib.
in rpc4django views.py getattr(request, 'user', None) return always Anonymous
One solution is next code: validate username and password URI
response = True
user = getattr(request, 'user', None)
#authorization
if 'HTTP_AUTHORIZA
auth = request.
if not len(auth) == 2:
if not auth[0].lower() == "basic":
uname, passwd = base64.
user = authenticate(
Changed in rpc4django: | |
assignee: | nobody → davidfischer (djfische) |
This is by design.
When using authentication, you must either setup your webserver to use HTTP basic authentication or you must use the out of the box authentication. See the docs (http:// packages. python. org/rpc4django/ usage/auth. html) for details.
When using HTTP authentication, you should be using the RemoteUserMiddl eware to do the password checking automatically. If using the out of the box authentication, you should use the system.login() method.